Master Nmap: Step-by-Step Guide to Scanning Linux Ports

Nmap (Network Mapper) is a leading Linux network security scanner that helps identify open ports and mitigate potential threats.

How to Use Nmap to Check Ports

Nmap is a versatile command‑line tool for powerful port scanning. For a basic scan, run the command without options: nmap [target] The target can be a domain name or IP address. For example, to scan scanme.nmap.org: nmap scanme.nmap.org Without options, Nmap scans the most common 1,000 ports. It can also scan a single port, a range, or all ports.

Scanning a Single Port

Use the -p option with the desired port number: nmap -p [port] [target] Example – scanning port 80 on scanme.nmap.org: nmap -p 80 scanme.nmap.org The output shows the port number, protocol (80/tcp), state (open), and associated service (http).

Scanning All Ports

To scan every port (1‑65535), use: nmap -p- [target] Example: nmap -p- scanme.nmap.org This comprehensive scan takes longer but reveals all open ports. For a quicker scan of standard ports, use the fast scan flag: nmap -F [target] Fast scanning checks the 100 most common ports, reducing scan time for large networks.

Scanning a Range of Ports

Specify a start and end port with -p: nmap -p [start]-[end] [target] Example – scanning the first 200 ports: nmap -p 1-200 scanme.nmap.org Or scan specific ports using a comma‑separated list: nmap -p 22,53,80 scanme.nmap.org Combine ranges and lists for flexible scanning, e.g.:

nmap -p 22,80,100-200 scanme.nmap.org

Common Ports

21 (FTP) – File Transfer Protocol. 22 (SSH) – Secure Shell. 25 (SMTP) – Simple Mail Transfer Protocol. 53 (DNS) – Domain Name System. 67,68 (DHCP) – Dynamic Host Configuration Protocol. 80 (HTTP) – Hypertext Transfer Protocol. 110 (POP3) – Post Office Protocol v3. 123 (NTP) – Network Time Protocol. 143 (IMAP) – Internet Message Access Protocol. 443 (HTTPS) – Secure HTTP. 465 (SMTPS) – Secure SMTP. 631 (CUPS) – Common Unix Printing System. 993 (IMAPS) – Secure IMAP. 995 (POP3S) – Secure POP3. 3306 (MySQL) – MySQL database server. 3389 (RDP) – Remote Desktop Protocol. 8080 (HTTP‑Alt) – Alternative HTTP, often used for proxies.

Nmap helps discover port states and informs firewall configuration to block or allow traffic on specific ports.

Port States Identified by Nmap

open – Service is active and listening; the port can be connected to.

closed – No service is listening; the port rejects connections.

filtered – State unknown due to packet filtering or firewall rules.

unfiltered – Port is reachable but no service is detected.

open|filtered – Could be open or filtered; Nmap cannot determine which.

closed|filtered – Could be closed or filtered; exact state is uncertain.